In a landmark move for Africa’s digital governance landscape, Meta Platforms Inc., the parent company of Facebook and Instagram, has agreed to a $32.8 million data privacy settlement with the Nigerian government.
The deal marks one of the most significant enforcement actions under Nigeria’s emerging data protection regime and signals a new era of accountability for global tech firms operating on the continent.
The fine, initially imposed by the Nigeria Data Protection Commission (NDPC) in February 2025, stemmed from alleged violations of the Nigeria Data Protection Act. Regulators accused Meta of using Nigerian users’ personal data for behavioural advertising without explicit consent, processing data belonging to non-users, failing to submit mandatory compliance audits, and transferring user information abroad without due authorisation.
After months of legal challenges, Meta opted for an out-of-court settlement, expected to be finalised by the end of October 2025. The decision reflects a strategic shift by the company toward cooperation with Nigeria’s growing regulatory framework, following what officials describe as “constructive engagement” between Meta representatives and the NDPC.
The agreement requires Meta to update its privacy policies, conduct localised data protection impact assessments, and obtain clear user consent before using personal data for targeted advertising.
Nigeria’s firm stance follows a broader regulatory wave that has seen authorities impose multi-million-dollar penalties on other global platforms for privacy breaches. The country’s proactive approach underscores Africa’s rising demand for digital sovereignty, transparency, and user protection in the face of expanding tech influence.
Analysts say this could influence how multinational tech firms handle African user data, setting a precedent for future enforcement actions across the region.
About the Author
